IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> staying in a system, stabalizable or ticking clock
sunnyside
post Dec 6 2007, 11:38 PM
Post #1


Runner
******

Group: Members
Posts: 2,590
Joined: 31-December 06
Member No.: 10,502



So there is always the system without patrol IC where you hack in as admin and have a jolly good time. Great for things you don't want to spend much time on in game.

Alright but what about when you do have patrolling IC.

First how often do you have it roll against the player?

Is there any way to completly stop it from finding you.

Also what if at some point you get into a fight with an IC and crash it. Seems like it should just reboot. Anyway to stop that.

Also is there any way to stop a system from shutting down?
Go to the top of the page
 
+Quote Post
Dashifen
post Dec 6 2007, 11:46 PM
Post #2


Technomancer
********

Group: Retired Admins
Posts: 4,638
Joined: 2-October 02
From: Champaign, IL
Member No.: 3,374



  1. How often the IC "patrols" is somewhat up to the GM. Until Unwired says otherwise, I tend to use similar rules for the Astral Patrolling in Street Magic. Astral patrolling involves physical distances to make the patrolling test more difficult on the astral being, so I usually rule that if one program is set to patrol more than one node, then it's more difficult as well. Also, I make a roll for the system any time a person does something for which they're not authorized, like a user initiating a system restart, for example.
  2. No. A character can roll Hacking + Stealth to avoid being seen (Matrix Infiltration, if you will) but the IC might still roll better.
  3. It could reboot if the system is designed to. Think of it this way, though: if your anti-virus program is compromised by a virus or trojan, the anti-virus software tends to continue to run even though it's not actually protecting your computer any more. Thus, the system might thing the IC is still running even though it's been dealt with by a Hacker. Like #1, exactly what happens which IC is crashed is largely up to the GM and the system.
  4. I can imagine a system that would roll it's System + Firewall (for example) to detect an unauthorized or unexpected reboot process. Since the test to reboot a system is an extended test, there's then a chance that the system could notify a superuser or administrator that there's a problem. Depending on how fast that person moves, they might be able to keep the system up and running.
Go to the top of the page
 
+Quote Post
Earlydawn
post Dec 6 2007, 11:54 PM
Post #3


Moving Target
**

Group: Members
Posts: 385
Joined: 20-August 07
Member No.: 12,766



I always see this as a matter of intrusion. If you're using an established account that you've either had someone on the inside make, or skillfully inserted yourself, then it should either be indefinite, or measured in weeks for a target's security review mechanisms to realize the problem. On the other hand, if you just right-hooked your way in, then the classic hacker adage applies: "The longer you stay in a system, the greater the chance of detection, regardless of activity."
Go to the top of the page
 
+Quote Post
sunnyside
post Dec 7 2007, 01:17 AM
Post #4


Runner
******

Group: Members
Posts: 2,590
Joined: 31-December 06
Member No.: 10,502



So you figure if you hack in and then spend the time to give yourself and actual password and the like. Then log out and log in again using that the IC will simply regard you as a normal user regardless of activity.

I guess that makes sense.
Go to the top of the page
 
+Quote Post
Dashifen
post Dec 7 2007, 01:36 AM
Post #5


Technomancer
********

Group: Retired Admins
Posts: 4,638
Joined: 2-October 02
From: Champaign, IL
Member No.: 3,374



Still, if a legitimate account begins to perform actions that it's not authorized to perform, patrolling IC might still raise an alarm.
Go to the top of the page
 
+Quote Post
Jaid
post Dec 7 2007, 01:38 AM
Post #6


Great Dragon
*********

Group: Members
Posts: 7,089
Joined: 4-October 05
Member No.: 7,813



QUOTE (Dashifen)
Still, if a legitimate account begins to perform actions that it's not authorized to perform, patrolling IC might still raise an alarm.

sure, but if you can create an account, you'd be stupid to create anything other than an account that can do what you want to be able to do (and if you can't create such an account, then why are you wasting time creating an account at all?)
Go to the top of the page
 
+Quote Post
Dashifen
post Dec 7 2007, 01:51 AM
Post #7


Technomancer
********

Group: Retired Admins
Posts: 4,638
Joined: 2-October 02
From: Champaign, IL
Member No.: 3,374



Hindsight is always 20/20. Foresight, on the other hand, is a little more fuzzy. I've seen people create an account to control cameras and, half way through handling the cameras, alarms are triggered by the rest of the team and the hacker's got to work outside the box to get the alarms canceled. That's an action outside the things that the account was originally created to do, so IC gets a chance to notice.

Rhe other option is, of course, to create an administrative or super user account, I suppose, and give it the right to do everything, but there are people who probably know or can determine how many of those accounts there should be. There might even be dedicated IC doing nothing but watching the user accounts to make sure that no one does such a thing.

I guess I just hate giving away a free lunch. Just cause you've got it easy for a some quanta of time (while you legitimately use your legitimate account) doesn't mean that the other shoe won't drop if you step out of line or if you get unlucky.
Go to the top of the page
 
+Quote Post
Blade
post Dec 7 2007, 09:32 AM
Post #8


Runner
******

Group: Members
Posts: 3,009
Joined: 25-September 06
From: Paris, France
Member No.: 9,466



It's up to the GM for now.

Personally, I like to compare the Matrix plane with the physical plane, so I handle ICE more or less like drones in a building.
They patrol, and if they see you they can identify you as a threat, ignore you, ask to check your ID...

You can't exactly prevent it from finding you, but you can either hide from them (using the Stealth program), you can impersonate a legitimate user (using the Spoof program the way you use it to spoof commands to an agent) or you can crash it.

As for crashing it, I consider that the IC program is still running, but may be frozen, or acting inefficiently. The system won't be able to notice it, so you'll need a security hacker to reload it.
Go to the top of the page
 
+Quote Post
Rotbart van Dain...
post Dec 7 2007, 12:23 PM
Post #9


Hoppelhäschen 5000
*********

Group: Members
Posts: 5,807
Joined: 3-January 04
Member No.: 5,951



QUOTE (Dashifen)
Still, if a legitimate account begins to perform actions that it's not authorized to perform, patrolling IC might still raise an alarm.

Uh, actually, if you try to perform actions not allowed for your access level, you simply fail.

That's why you can hack different access levels.
Go to the top of the page
 
+Quote Post
Dashifen
post Dec 7 2007, 02:37 PM
Post #10


Technomancer
********

Group: Retired Admins
Posts: 4,638
Joined: 2-October 02
From: Champaign, IL
Member No.: 3,374



@Rotbart,
True, but a hacker with a legitimate account could use their skills to attempt actions for which they're not authorized. That is, in essence, what Hacking does, at least in my games.

So if you've hacked your way into a janitorial account, you might be able to open and close doors, control lights, get into storage areas that might be off-limits to the general employees, but the second you try to go outside that account's privileges (a) you stop using the Computer skill and switch to Hacking and (b) you might get seen by IC.

In other words, if you have account A and you try to hack it up to an account B with better privileges (even only temporarily, like for one action) then you might get caught.

Go to the top of the page
 
+Quote Post
Eleazar
post Dec 7 2007, 08:21 PM
Post #11


Moving Target
**

Group: Members
Posts: 398
Joined: 16-August 06
Member No.: 9,130



QUOTE (Dashifen @ Dec 6 2007, 08:51 PM)
Rhe other option is, of course, to create an administrative or super user account, I suppose, and give it the right to do everything, but there are people who probably know or can determine how many of those accounts there should be.  There might even be dedicated IC doing nothing but watching the user accounts to make sure that no one does such a thing. 

I guess I just hate giving away a free lunch.  Just cause you've got it easy for a some quanta of time (while you legitimately use your legitimate account) doesn't mean that the other shoe won't drop if you step out of line or if you get unlucky.

All of this is abstracted and uses an IC rating+Analyze, System+Analyze, or Computer+Analyze. That is the only way to notice something illegitimate. As soon as you start making special exceptions for one scenario you have to make special exceptions for all others. In SR4 there is no such thing as IC, Spiders, or Nodes keeping track of user accounts or many of the other things a Security Analyst or Hacker of today would do, at least not expressly. Checking user accounts or any other such thing is just simply an analyze action. Such things are inclusive in the fluff, and not the mechanics of gameplay. Fluff can only affect mechanics in a way which the mechanics expressly define, otherwise you are playing with a different set of rules than everyone else at the table. Thusly, you would then create a House Rule for such an occasion. In this case, I find such a House Rule entirely unnecessary because it is a purview already covered in the rules, while not expressly covered it is abstractly.
Go to the top of the page
 
+Quote Post
Dashifen
post Dec 7 2007, 08:23 PM
Post #12


Technomancer
********

Group: Retired Admins
Posts: 4,638
Joined: 2-October 02
From: Champaign, IL
Member No.: 3,374



The roll is the same in all cases, yes, but the motivation for the roll doesn't have to be.
Go to the top of the page
 
+Quote Post
Eleazar
post Dec 7 2007, 08:40 PM
Post #13


Moving Target
**

Group: Members
Posts: 398
Joined: 16-August 06
Member No.: 9,130



QUOTE (Dashifen)
The roll is the same in all cases, yes, but the motivation for the roll doesn't have to be.

Oh ok, it looks like I just completely misunderstood you then.
Go to the top of the page
 
+Quote Post
sunnyside
post Dec 8 2007, 03:56 AM
Post #14


Runner
******

Group: Members
Posts: 2,590
Joined: 31-December 06
Member No.: 10,502



Alright so you're saying that you could hack yourself up a new account and log in with that. But the active IC will be scanning the file at some point. And per how I read p217 the IC would roll analyze+rating vs Hacking/Computer+Edit. Probably on one success it just knows something is wrong with the file. On more successes it would be able to cross check promotion records or something and figure out exactly which entry was false.

So essentially you're back to the question of how long is it before the IC scans the file and how often it will do so. That and I suppose modifiers. A file like that probably wouldn't have any, but maybe a file that isn't cross referenced or anything would have a penatly to detect the editing.

Go to the top of the page
 
+Quote Post
Karaden
post Dec 8 2007, 05:10 AM
Post #15


Moving Target
**

Group: Members
Posts: 861
Joined: 27-November 07
Member No.: 14,397



The 'how often' thing is really up to you, but should be based on the importance of the data in question and overall security of the system. If your looking at joe SINner's commlink, your not likely to be challenged at all if you can get in in the first place, maybe daily or weekly exams of various data, but that would be about it.

Now, if your talking novatech's systems, your looking at verying times based on what the data is. Unimportant data generated by employees (personal data, e-mails, notes to self, unimportant projects, etc etc) would maybe be checked daily for errors. More important things like user accounts would maybe get an hourly check, and the super research data maybe every miniute. Of course this is just a rough idea, and it basicly comes down to this: How hard do you want the system to be for the hacker?

But remember, the hacker is generally going to have at least several minutes between scans except for the absolute most vital data, and even then a minute or so, part of the reason being the following:

"A processes importance is raited from 1 to 7, with 1 being the most important and having the most resources dedicated to it, and 7 being the least. A word program would be a likely example of something with a 7. The process for keeping track of and adjusting for the heat at a nuclear plant would be an example of a 2" - Pulled roughly from a friend's CS collage textbook. His question after reading this of course was "What the heck gets a 1 then?"

Just goes to prove that even absurdly important things tend to have things above them.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 7th July 2026 - 11:11 AM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.